Advanced Threat Detection

Despite the ubiquity of file sharing services like OneDrive and Google Docs, many information workers are still using email to share documents and other files. Radicati reports that the number of business emails sent and received per day will reach 116.4 billion by the end of 2016, and a good number of them will include an attachment. Regardless of the potential version conflicts and security risks, email remains a fast and convenient way for users to review and collaborate on a document.

Because of the huge volume of documents shared via email each day, antivirus (AV) technologies around the world are constantly evaluating email attachments for potentially malicious files. Last week the threat detection community ran into a problem when a public domain AV signature provider wrongly categorized all Microsoft .doc files as a virus. This caused a large number of legitimate Microsoft Word documents to be blocked from transmission whenever they encountered an AV layer.

Fleming Shi is the senior vice president of technology at Barracuda, where he leads the company’s cloud-enabled microservices technology innovation and integrations across the entire security and data protection portfolio. Connect with him on LinkedIn.

Again one of these days: my corporate laptop needs a restart to apply a critical service pack, and so does my private workstation. Well, let’s grab some coffee and check emails on the smartphone. Oops, here's a critical update in the pipeline, waiting for my OK to be applied to the system.

But as annoying as this might be at this very moment, it keeps my systems from becoming a threat, maybe becoming a zombie machine that is secretly working for somebody who wants to run DDoS attacks and abuse my systems to do so.

A solid defensive strategy in sports is a strategic decision not taken lightly by coaches, and it can change the outcome of a game. For example, in basketball a coach has to decide whether the team should play a man-to-man defense, where each player guards one opponent, or a classic zone defense, where the team divides and defends specific areas of the court. Each has its strengths and weaknesses. The more aggressive coaches believe the best defense is a good offense. The same philosophy can be applied to IT strategies and decisions to protect a company’s information. In this case the CIO is the coach and the players are applications and data.

Last month the Milwaukee Bucks basketball team notified the FBI and IRS that they had a breakdown in their defense, allowing the bad guys to score one for their team (or two, if we’re keeping to the basketball analogy). Except this time it was not on the court but in the data center, which has become the chosen arena for the bad guys.

There is another round of emails flooding the inboxes of German, Austrian, and Swiss mail accounts. The subject line provides an invoice number, which together with a customer number and a total sum in the body text looks more or less plausible to unsuspecting everyday users.

The mail also includes a link to a zip file, which should itself be suspicious, but some people in an organization will still click on it. This single click starts the download sequence and a series of malicious events.

Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. In this role, she helps bring Barracuda stories to life and facilitate communication between the public and Barracuda internal teams. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.